The WD MyCloud is a pretty single-purpose device. It’s a disk with a network interface, and as with Direct Attached Storage, the MyCloud Network Attached Storage is pretty easy to connect to.

First, let’s look at connecting to the web interface via the menu item, where you can drag and drop files to the device. Once the device is configured, use the WD menu item to see your device. From there, click on the name of your device.Alternatively, you could visit mycloud.com and sign into the web interface there. In both cases, you’ll see a list of files and then in the sidebar, you’ll see those options to configure settings, add integrations, view active its, and view photos that are on the device.

From here, you can simply drag and drop files into the web page, just like with a box or dropbox account, but the files are stored on the device. Additionally, you can send a link to a file or folder. To do so, right-click on the object you wish to share and then click Share Link.At the resulting screen, you’ll see a link. Click Copy to copy the link into your clipboard so you can paste it into an email.

You may also want other users to be able to log into your WD MyCloud. To allow them to do so, open Settings and click on Add User. Then provide the email address for the user and click on Send Invites.Finally, you can also mount the drive directly to computers. To do so, click on “Connect to Server” (or Command-K) from the Finder. At the Connect to Server screen, enter the address of the server and click Connect. If you don’t know the address and you’re on the local network of the device. Additionally, if you have the menu item installed, you’ll see the device in the sidebar of your Mac. It’s worth noting that with the exception of the ability to share a link to a file or folder, the permissions on the device are pretty much wide open, as you can see below. Additionally, any files you bring into the device will end up with the same wide open permissions. And while you can change permissions on files, they’ll revert back. So if you will need more granular capabilities with file permissions, this might not be the device for you. This device is a very inexpensive way to do very small workgroups or home file sharing, but beyond that it could be too basic for a lot of business use cases. What I like about it though, is that it doesn’t pretend to be anything but what it is. And it does that very well, in a very easy-to-use way.Now the MyCloud NAS comes with removable drives and a more robust interface. It’s still easy to use, but you can configure RAID levels, basic iSCSI functionality, and users. I still wouldn’t put this in front of large workgroups, but to replace a macOS Server for a small business, or as a basic NAS head, it’s a solid, easy-to-manage device.

macOS Server 5.2/5.3 and below had this great file sharing service. And while the GUI elements are gone from the Server app in High Sierra, the options available in the client operating system have matured to the point where they’re no longer really necessary. You can still configure users and groups using the Server app, and once those are created, you’ll be ready to configure share points that can be accessed using the Sharing System Preferences.

Configure Sharing Through System PreferencesTo access the sharing options, open System Preferences and click on File Sharing. First, we’ll configure the global options using the Options… button.This brings up the ability to choose whether to share with AFP or SMB. Notice that FTP is gone and will need to be started from the command line. Check the box for each user that will be sharing files via Windows (unnecessary with OD-based users), and each protocol you’d like to share data as.

Next, we’ll configure share points. From the File Sharing entry in System Preferences, you’ll see a list of Shared Folders and Users. I like to remove everything the system adds by default. Then, use the + sign to add a add a new shared folder. Browse to the folder you’d like to share and then click on the Add button.Once shared, configure the permissions of the folder. If you have the Server app, the best way to do this is to open the Server app, click on the name of the server, and then click on the Storage tab. From here, you can browse to a given share to configure ACLs.From the cog wheel icon at the bottom of the screen, choose the Edit Permissions… button.At the Edit Permissions screen, you can add additional users, and configure permissions more granularly than otherwise.

Once you make changes, you can use the same cog wheel icon to “Propagate Permissions.” Doing so will apply the same set of permissions on all child files. If you don’t have the server app, many of these same options will be available by doing a Get Info on a folder (which you can do with the Command-I keystroke, or with the File->Get Info menu item, within a standard Finder window.

Overall, there are fewer GUI options. And wwwwwaaaaaaayyyyyy fewer options, now that the serveradmin command line options are no longer available. But if there’s something you could do before that you can’t any more, let me know and I’ll add it (or a script to accomplish it) to this article.

Client ConfigurationOnce configured, you’ll want to connect to your server from a client. To connect to a share, use the Connect to Server dialog, available by clicking Connect to Server in the Go menu. A change that happened way, way back in Mavericks is that when you enter an address, the client connects over SMB by default (which is even better now that those connections can be encrypted). If you’d like to connect via AFP ‘cause you’re all old school, enter afp:// in front of the address and then click Connect. Command Line ManagementThe File Sharing service can also be controlled from the command line. macOS also has the sharing command. Using this command you can programmatically inspect, create, delete and augment information for share points using sharing.

To create a share point for AFP you can use the following command:

sharing -a <path> -A <share name>

So let’s say you have a directory at /Shares/Public and you want to create a share point called PUBLIC. You can use the following command:

sharing -a /Shares/Public -A PUBLIC

Now, the -a here will create the share for AFP but what if you want to create a share for other protocols? Well, -F does FTP (even though FTP is older than I am) and -S does SMB. Once created you can disable the share using the following command:

The latest version of the Apple Server app is out (macOS Server 5.4), and before you upgrade, there are a few points to review:

As always, make a clone of your computer before upgrading.

During the upgrade to High Sierra, if the operating system is running on a solid state drive, the drive will automatically upgrade to APFS. You cannot share APFS volumes over AFP, so if you’re running file services, make sure you’re aware of that. You can choose not to upgrade to APFS using the command line to upgrade a server. Even though the file sharing services are not in the Server app, you can still configure ACLs using the Storage tab under the server’s main screen.

The FTP Service is gone.

Time Machine service is gone, so if you were relying on that, rethink your backup strategy. Some options:

A third party backup tool.

A share that Time Machine on client systems can backup to.

Don’t upgrade.

Xcode Server is gone. You can still leverage third party tools to get build automations in place, but this is no longer a built-in component of macOS Server.

Imaging is dead. But NetInstall still works. Because you need to run a firmware update for High Sierra (and APFS), there are caveats to imaging. You can run a NetInstall to install High Sierra onto clients (which does the firmware update). You can do a NetRestore (and Define NetRestore Sources for NetBoot) from a volume that’s already been converted to APFS to another volume that’s already been converted to APFS. But you can’t NetRestore an HFS+ volume onto an APFS volume or High Sierra on APFS onto a volume running HFS+. Long live DEP.

If you’re running Calendar, Contacts, and/or Mail, then you should consider moving to Google Apps or Office 365.

Running the Wiki service configures passwords to use a less secure way of storing passwords.

Open Directory and Software Update aren’t in the Services or Advanced area of the Server sidebar. You’ll access those through the View menu. The slapconfig and other binaries that comprise OD remain pretty much untouched where they are.

If you’re running software like anti-virus that has Kernel Extensions, those should work upon upgrade (provided they’re High Sierra compatible). If you reinstall software with Kernel Extensions, you may have to accept the installation of the Kernel Extension, due to a new and more secure way of interacting with Kernel Extensions.

There are new options in Profile Manager.

Provided that you’re ok with all this, we can proceed with the upgrade!

File Services are perhaps the most important aspect of any server because file servers are often the first server an organization purchases. This has been changing over the past few years, with many a file being hosted by cloud solutions, such as Box, Dropbox, Google Drive, and of course, iCloud. And rightfully so. But many still need a terrestrial server and for predominantly Apple environments, a macOS Server running on Sierra isn’t exactly a bad idea (for many it is, so whatever there). There are a number of protocols built into macOS Server dedicated to serving files, including AFP, SMB and WebDAV. These services, combined comprise the File Sharing service in macOS Server 5.2 running on top of a Sierra Mac.
Note: I’ve got another article looking into FTP a little further but those are basically the services that I’ll stick to here.
File servers have shares. In macOS Server 5.2 (and many other solutions), we refer to these as Share Points. The first step to setting up a file share is to create all of your users and groups (or at least the ones that will get permissions to the shares). This is done in Server app using the Users and Groups entries in the List Pane. Once users and groups are created, open the Server app and then click on the File Sharing service in the SERVICES list in the List Pane. Here, you will see a list of the shares on the server.
If you’re just getting started, let’s go ahead and disable any built-in shares by clicking on the share and then clicking on the minus button (-) while the share is highlighted. When prompted to remove the share, click on the Remove button.
As mentioned, shares can be shared out using different protocols. Next, we’re going to disable SMB for Public, simply as an example. To do so, double-click on Public and then uncheck the SMB protocol checkbox for the share.
When you’ve disabled SMB for the last share, you’ve effectively disabled SMB. Click on the Done button to save the changes to the server. Editing shares is really that easy. Next, we’re going to create a new share for iPads to be able to put their work, above and beyond the WebDAV instance automatically used by the Wiki service. To create the share, first we’re going to create a directory for the share to live in on the computer, in this case in the /Shared Items/iPads directory.
Then from the File Sharing pane in Server app, click on the plus sign (“+”).
At the browse dialog, browse to the location of your iPad directory and then click on the Choose button.
At the File Sharing pane, double-click on the new iPads share. Note that there’s a new checkbox here called “Allow only encrypted connections”. If you check this, you cannot use AFP and WebDAV.
At the screen for the iPads share, feel free to edit the name of the share (how it appears to users) as it by default uses the name of the directory for the name of the share. Then, it’s time to configure who has access to what on the share. Here, use the plus sign (“+”) in the Access section of the pane to add groups that should be able to have permission to access the share. Also, change the groups in the list that should have access by double-clicking on the name of the group and providing a new group name or clicking on the plus sign to add a user or group.
The permissions available in this screen for users that are added are Read & Write, Read Only/Read and Write. POSIX permissions (the bottom three entries) also have the option for No Access, but ACLs (the top entries comprise an Access Control List) don’t need such an option as if there is no ACE (Access Control Entry) for the object then No Access is assumed.
If more granular permissions are required then click on the name of the server in the Server app (the top item in the List Pane) and click on the Storage tab. Here, browse to the directory and click on Edit Permissions.
As can be seen, there are a number of other options that more granularly allow you to control permissions to files and directories in this view. If you make a share a home folder, you can use that share to store a home folder for a user account provided the server uses Open Directory. Once a share has been made an option for home folders it appears in the Server app as an available Home Folder location for users in that directory service.
Once you have created all the appropriate shares, deleted all the shares you no longer need and configured the appropriate permissions for the share, click on the ON button to start the File Sharing service.
To connect to a share, use the Connect to Server dialog, available by clicking Connect to Server in the Go menu. A change that happened back in Mavericks is that when you enter an address, the client connects over SMB by default (which is even better now that those connections can be encrypted). If you’d like to connect via AFP ‘cause you’re all old school, enter afp:// in front of the address and then click Connect.
The File Sharing service can also be controlled from the command line. Mac OS X Server provides the sharing command. You can create, delete and augment information for share points using sharing. To create a share point for AFP you can use the following command:
sharing -a <path> -A <share name>
So let’s say you have a directory at /Shares/Public and you want to create a share point called PUBLIC. You can use the following command:
sharing -a /Shares/Public -A PUBLIC
Now, the -a here will create the share for AFP but what if you want to create a share for other protocols? Well, -F does FTP and -S does SMB. Once created you can disable the share using the following command:
sharing -r PUBLIC
To then get a listing of shares you can use the following command:
sharing -l
You can also use the serveradmin command to manage file shares as well as the sharing service. To see settings for file shares, use the serveradmin command along with the settings option and then define the sharing service:
sudo serveradmin settings sharing
Sharing settings include the following:
sharing:sharePointList:_array_id:/Shared Items/iPads:dsAttrTypeStandard\:GeneratedUID = “54428C28-793F-4F5B-B070-31630FE045AD”
sharing:sharePointList:_array_id:/Shared Items/iPads:smbName = “iPads”
sharing:sharePointList:_array_id:/Shared Items/iPads:afpIsGuestAccessEnabled = no
sharing:sharePointList:_array_id:/Shared Items/iPads:webDAVName = “iPads”
sharing:sharePointList:_array_id:/Shared Items/iPads:smbDirectoryMask = “0755”
sharing:sharePointList:_array_id:/Shared Items/iPads:afpName = “iPads”
sharing:sharePointList:_array_id:/Shared Items/iPads:smbCreateMask = “0644”
sharing:sharePointList:_array_id:/Shared Items/iPads:nfsExportRecord = _empty_array
sharing:sharePointList:_array_id:/Shared Items/iPads:path = “/Shared Items/iPads”
sharing:sharePointList:_array_id:/Shared Items/iPads:smbUseStrictLocking = yes
sharing:sharePointList:_array_id:/Shared Items/iPads:smbIsGuestAccessEnabled = no
sharing:sharePointList:_array_id:/Shared Items/iPads:name = “iPads”
sharing:sharePointList:_array_id:/Shared Items/iPads:smbInheritPermissions = yes
sharing:sharePointList:_array_id:/Shared Items/iPads:ftpName = “iPads”
sharing:sharePointList:_array_id:/Shared Items/iPads:serverDocsIsShared = yes
sharing:sharePointList:_array_id:/Shared Items/iPads:smbIsShared = yes
sharing:sharePointList:_array_id:/Shared Items/iPads:afpIsShared = yes
sharing:sharePointList:_array_id:/Shared Items/iPads:smbUseOplocks = yes
sharing:sharePointList:_array_id:/Shared Items/iPads:webDAVIsShared = yes
sharing:sharePointList:_array_id:/Shared Items/iPads:dsAttrTypeNative\:sharepoint_group_id = “3A1C9DAD-806C-4917-A39F-9317B6F85CCD”
sharing:sharePointList:_array_id:/Shared Items/iPads:mountedOnPath = “/”
sharing:sharePointList:_array_id:/Shared Items/iPads:isIndexingEnabled = yes
sharing:sharePointList:_array_id:/Shares/Public:ftpIsShared = yes
sharing:sharePointList:_array_id:/Shares/Public:smbName = “Public-1”
sharing:sharePointList:_array_id:/Shares/Public:nfsExportRecord = _empty_array
sharing:sharePointList:_array_id:/Shares/Public:afpIsGuestAccessEnabled = no
sharing:sharePointList:_array_id:/Shares/Public:isIndexingEnabled = no
sharing:sharePointList:_array_id:/Shares/Public:dsAttrTypeStandard\:GeneratedUID = “80197252-1BC6-4391-AB00-C00EE64FD4F2”
sharing:sharePointList:_array_id:/Shares/Public:path = “/Shares/Public”
sharing:sharePointList:_array_id:/Shares/Public:smbIsShared = yes
sharing:sharePointList:_array_id:/Shares/Public:afpUseParentOwner = no
sharing:sharePointList:_array_id:/Shares/Public:afpName = “Public-1”
sharing:sharePointList:_array_id:/Shares/Public:smbIsGuestAccessEnabled = no
sharing:sharePointList:_array_id:/Shares/Public:ftpIsGuestAccessEnabled = no
sharing:sharePointList:_array_id:/Shares/Public:afpUseParentPrivs = no
sharing:sharePointList:_array_id:/Shares/Public:afpIsShared = yes
sharing:sharePointList:_array_id:/Shares/Public:name = “Public-1”
sharing:sharePointList:_array_id:/Shares/Public:ftpName = “Public-1”
sharing:sharePointList:_array_id:/Users/krypted/Public:dsAttrTypeStandard\:GeneratedUID = “0D6AF0D1-BA70-4DD4-9256-AC1B51A2761F”
sharing:sharePointList:_array_id:/Users/krypted/Public:smbName = “Public”
sharing:sharePointList:_array_id:/Users/krypted/Public:afpIsGuestAccessEnabled = no
sharing:sharePointList:_array_id:/Users/krypted/Public:webDAVName = “Public”
sharing:sharePointList:_array_id:/Users/krypted/Public:smbDirectoryMask = “0755”
sharing:sharePointList:_array_id:/Users/krypted/Public:afpName = “Public”
sharing:sharePointList:_array_id:/Users/krypted/Public:smbCreateMask = “0644”
sharing:sharePointList:_array_id:/Users/krypted/Public:nfsExportRecord = _empty_array
sharing:sharePointList:_array_id:/Users/krypted/Public:path = “/Users/krypted/Public”
sharing:sharePointList:_array_id:/Users/krypted/Public:smbUseStrictLocking = yes
sharing:sharePointList:_array_id:/Users/krypted/Public:smbIsGuestAccessEnabled = no
sharing:sharePointList:_array_id:/Users/krypted/Public:name = “Public”
sharing:sharePointList:_array_id:/Users/krypted/Public:smbInheritPermissions = yes
sharing:sharePointList:_array_id:/Users/krypted/Public:ftpName = “Public”
sharing:sharePointList:_array_id:/Users/krypted/Public:serverDocsIsShared = yes
sharing:sharePointList:_array_id:/Users/krypted/Public:smbIsShared = no
sharing:sharePointList:_array_id:/Users/krypted/Public:afpIsShared = yes
sharing:sharePointList:_array_id:/Users/krypted/Public:smbUseOplocks = yes
sharing:sharePointList:_array_id:/Users/krypted/Public:dsAttrTypeNative\:sharepoint_group_id = “FF1970EF-0789-49C7-80B5-E9FCABDDBB49”
sharing:sharePointList:_array_id:/Users/krypted/Public:isIndexingEnabled = yes
sharing:sharePointList:_array_id:/Users/krypted/Public:mountedOnPath = “/”
To see settings for the services use the serveradmin command with the settings option followed by the services: afp and smb:
sudo serveradmin settings afp
AFP settings include:
afp:maxConnections = -1
afp:kerberosPrincipal = “afpserver/LKDC:SHA1.66D68615726DE922C1D1760BD2DD45B37E73ADD4@LKDC:SHA1.66D68615726DE922C1D1760BD2DD45B37E73ADD4”
afp:fullServerMode = yes
afp:allowSendMessage = yes
afp:maxGuests = -1
afp:activityLog = yes

File Services are perhaps the most important aspect of any server because file servers are often the first server an organization purchases. This has been changing over the past few years, with many a file being hosted by cloud solutions, such as Box, Dropbox, Google Drive, and of course, iCloud. But many still need a terrestrial server and for predominantly Apple environments, a Server app running on OS X Yosemite isn’t exactly a bad idea. There are a number of protocols built into OS X Yosemite Server dedicated to serving files, including AFP, SMB and WebDAV. These services, combined comprise the File Sharing service in OS X Yosemite running the Server app.
Note: I’ve got another article looking into FTP a little further but those are basically what I’ll stick to here.
File servers have shares. In OS X Yosemite Server we refer to these as Share Points. By default:
• File Sharing has some built-in Share Points that not all environments will require.
• Each of these shares is also served by AFP and SMB, something else you might not want (many purely Mac environments might not even need SMB). Or if you have iOS devices, you may only require WebDAV sharing.
• Each share has permissions that Apple provides which will work for some but not all.
In short, the default configuration probably isn’t going to work for everyone. Therefore, before we do anything else, let’s edit the shares to make them secure. The first step is to create all of your users and groups (or at least the ones that will get permissions to the shares). This is done in Server app using the Users and Groups entries in the List Pane. Once users and groups are created, open the Server app and then click on the File Sharing service in the SERVICES list in the List Pane. Here, you will see a list of the shares on the server.
If you’re just getting started, let’s go ahead and disable the built-in share by clicking on Groups in the list of shares and then clicking on the minus button on the screen.
As mentioned, shares can be shared out using different protocols. Next, we’re going to disable SMB for Public, simply as an example. To do so, double-click on Public and then uncheck the SMB protocol checkbox for the share.
When you’ve disabled SMB, click on the Done button to save the changes to the server. Editing shares is really that easy. Next, we’re going to create a new share for iPads to be able to put their work, above and beyond the WebDAV instance automatically used by the Wiki service. To create the share, first we’re going to create a directory for the share to live in on the computer, in this case in the /Shared Items/iPads directory.

Then from the File Sharing pane in Server app, click on the plus sign (“+”).

At the browse dialog, browse to the location of your iPad directory and then click on the Choose button.
At the File Sharing pane, double-click on the new iPads share. Note that there’s a new checkbox here called Encrypt connections. If you check this, you cannot use AFP and WebDAV.
At the screen for the iPads share, feel free to edit the name of the share (how it appears to users) as it by default uses the name of the directory for the name of the share. Then, it’s time to configure who has access to what on the share. Here, use the plus sign (“+”) in the Access section of the pane to add groups that should be able to have permission to access the share. Also, change the groups in the list that should have access by double-clicking on the name of the group and providing a new group name or clicking on the plus sign to add a user or group.
The permissions available in this screen for users that are added are Read & Write, Read Only/Read and Write. POSIX permissions (the bottom three entries) also have the option for No Access, but ACLs (the top entries comprise an Access Control List) don’t need such an option as if there is no ACE (Access Control Entry) for the object then No Access is assumed.
If more granular permissions are required then click on the name of the server in the Server app (the top item in the List Pane) and click on the Storage tab. Here, browse to the directory and click on Edit Permissions.
As can be seen, there are a number of other options that more granularly allow you to control permissions to files and directories in this view. If you make a share a home folder, you can use that share to store a home folder for a user account provided the server uses Open Directory. Once a share has been made an option for home folders it appears in both Workgroup Manager and the Server app as an available Home Folder location for users in that directory service.
Once you have created all the appropriate shares, deleted all the shares you no longer need and configured the appropriate permissions for the share, click on the ON button to start the File Sharing service.
To connect to a share, use the Connect to Server dialog, available by clicking Connect to Server in the Go menu. A change that happened back in Mavericks is that when you enter an address, the client connects over SMB by default (which is even better now that those connections can be encrypted). If you’d like to connect via AFP ‘cause you’re all old school, enter afp:// in front of the address and then click Connect.
The File Sharing service can also be controlled from the command line. Mac OS X Server provides the sharing command. You can create, delete and augment information for share points using sharing. To create a share point for AFP you can use the following command:
sharing -a -A
So let’s say you have a directory at /Shares/Public and you want to create a share point called PUBLIC. You can use the following command:
sharing -a /Shares/Public -A PUBLIC
Now, the -a here will create the share for AFP but what if you want to create a share for other protocols? Well, -F does FTP and -S does SMB. Once created you can disable the share using the following command:
sharing -r PUBLIC
To then get a listing of shares you can use the following command:
sharing -l
You can also use the serveradmin command to manage file shares as well as the sharing service. To see settings for file shares, use the serveradmin command along with the settings option and then define the sharing service:
sudo serveradmin settings sharing
Sharing settings include the following:
sharing:sharePointList:_array_id:/Volumes/Macintosh HD/Shared Items/iPads:smbName = "iPads"
sharing:sharePointList:_array_id:/Volumes/Macintosh HD/Shared Items/iPads:afpIsGuestAccessEnabled = no
sharing:sharePointList:_array_id:/Volumes/Macintosh HD/Shared Items/iPads:webDAVName = "iPads"
sharing:sharePointList:_array_id:/Volumes/Macintosh HD/Shared Items/iPads:smbEncrypted = no
sharing:sharePointList:_array_id:/Volumes/Macintosh HD/Shared Items/iPads:smbDirectoryMask = "0755"
sharing:sharePointList:_array_id:/Volumes/Macintosh HD/Shared Items/iPads:afpName = "iPads"
sharing:sharePointList:_array_id:/Volumes/Macintosh HD/Shared Items/iPads:smbCreateMask = "0644"
sharing:sharePointList:_array_id:/Volumes/Macintosh HD/Shared Items/iPads:nfsExportRecord = _empty_array
sharing:sharePointList:_array_id:/Volumes/Macintosh HD/Shared Items/iPads:path = "/Volumes/Macintosh HD/Shared Items/iPads"
sharing:sharePointList:_array_id:/Volumes/Macintosh HD/Shared Items/iPads:smbUseStrictLocking = yes
sharing:sharePointList:_array_id:/Volumes/Macintosh HD/Shared Items/iPads:smbIsGuestAccessEnabled = no
sharing:sharePointList:_array_id:/Volumes/Macintosh HD/Shared Items/iPads:name = "iPads"
sharing:sharePointList:_array_id:/Volumes/Macintosh HD/Shared Items/iPads:smbInheritPermissions = yes
sharing:sharePointList:_array_id:/Volumes/Macintosh HD/Shared Items/iPads:ftpName = "iPads"
sharing:sharePointList:_array_id:/Volumes/Macintosh HD/Shared Items/iPads:smbIsShared = yes
sharing:sharePointList:_array_id:/Volumes/Macintosh HD/Shared Items/iPads:afpIsShared = yes
sharing:sharePointList:_array_id:/Volumes/Macintosh HD/Shared Items/iPads:smbUseOplocks = yes
sharing:sharePointList:_array_id:/Volumes/Macintosh HD/Shared Items/iPads:webDAVIsShared = yes
sharing:sharePointList:_array_id:/Volumes/Macintosh HD/Shared Items/iPads:dsAttrTypeNative\:sharepoint_group_id = "E500829F-6589-4A34-9D3B-C7FDC71400B4"
sharing:sharePointList:_array_id:/Volumes/Macintosh HD/Shared Items/iPads:mountedOnPath = "/"
sharing:sharePointList:_array_id:/Volumes/Macintosh HD/Shared Items/iPads:isIndexingEnabled = no
To see settings for the services use the serveradmin command with the settings option followed by the services: afp and smb:
sudo serveradmin settings afp
AFP settings include:
afp:maxGuests = -1
afp:afpTCPPort = 548
afp:clientSleepTime = 24
afp:replyCacheQuantum = 32
afp:maxConnections = -1
afp:sendGreetingOnce = no
afp:reconnectTTLInMin = 1440
afp:clientSleepOnOff = yes
afp:loginGreeting = ""
afp:errorLogPath = "/Library/Logs/AppleFileService/AppleFileServiceError.log"
afp:errorLogTime = 0
afp:activityLogTime = 7
afp:errorLogSize = 1000
afp:kerberosPrincipal = "afpserver/LKDC:SHA1.5776019F497F854DBA581884DE3A1AC7BBF69E22@LKDC:SHA1.5776019F497F854DBA581884DE3A1AC7BBF69E22"
afp:recon1SrvrKeyTTLHrs = 168
afp:idleDisconnectOnOff = no
afp:reconnectFlag = "no_admin_kills"
afp:activityLog = yes
afp:reconnectKeyLocation = "/private/etc/AFP.conf"
afp:loginGreetingTime = 1315436086
afp:adminGetsSp = yes
afp:fullServerMode = yes
afp:idleDisconnectMsg = ""
afp:updateHomeDirQuota = yes
afp:activityLogPath = "/Library/Logs/AppleFileService/AppleFileServiceAccess.log"
afp:authenticationMode = "standard_and_kerberos"
afp:admin31GetsSp = no
afp:shutdownThreshold = 3
afp:TCPQuantum = 1048576
afp:allowSendMessage = yes
afp:idleDisconnectTime = 10
afp:loggingAttributes:logOpenFork = yes
afp:loggingAttributes:logDelete = yes
afp:loggingAttributes:logCreateDir = yes
afp:loggingAttributes:logLogin = yes
afp:loggingAttributes:logLogout = yes
afp:loggingAttributes:logCreateFile = yes
afp:tickleTime = 30
afp:specialAdminPrivs = no
afp:noNetworkUsers = no
afp:idleDisconnectFlag:adminUsers = yes
afp:idleDisconnectFlag:registeredUsers = yes
afp:idleDisconnectFlag:usersWithOpenFiles = yes
afp:idleDisconnectFlag:guestUsers = yes
afp:recon1TokenTTLMins = 10080
afp:guestAccess = yes
afp:allowRootLogin = no
afp:activityLogSize = 1000
afp:afpServerEncoding = 0
afp:createHomeDir = yes
To see a run-down of some of the options for afp, see this article I did previously. Additionally, for a run-down of smb options, see this one.

I see them frequently when we’re using dynamic or shared storage (e.g. Xsan or removable media) to share volumes between multiple computers and then share those shared volumes to clients through a network sharing protocol (e.g. afp or smb). They usually mean that the system doesn’t have enough permissions to do those MDSChannelPeerCreate processes. Therefore, we need to open those permissions up a little and then let the file sharing services restart. I usually do it this way:
serveradmin stop afp
serveradmin stop smb
chown -R root:staff /Volumes/VOLUMENAME/.fseventsd
chmod -R 770 /Volumes/VOLUMENAME/.fseventsd
chown -R root:staff /Volumes/VOLUMENAME/.Spotlight-V100
chmod -R 770 /Volumes/VOLUMENAME/.Spotlight-V100
chown -R root:staff /Volumes/VOLUMENAME/.dbfseventsd
chmod -R 770 /Volumes/VOLUMENAME/.dbfseventsd
serveradmin start afp
serveradmin start smb
You can do any of the other hidden directories if that doesn’t correct the errors as well, but those are the main ones that should impact MDS. MDS is the metadata search processes, which power Spotlight. If you see these processes running at a high load then you’re likely in the process of indexing. If you see these as errors in the logs then you might not have permissions to objects. Those permissions could be to the files that are attempting to be indexed or they could be to the locations where that indexed data or other requirements are stored. While I’ve used root and staff above, take note that there’s a _spotlight user that can be used as part of an ACL. The ACE for the _spotlight user is usually enabled by default, so in the event that you get these MDS errors, it’s usually due to the fact that we, as naturally suspicious systems administrators took some permissions away somewhere or got overly cautious with our permissions. I do it all the time…

File Services are perhaps the most important aspect of any server because file servers are often the first server an organization purchases. There are a number of protocols built into OS X Mountain Lion Server dedicated to serving files, including AFP, SMB and WebDAV. These services, combined comprise the File Sharing service in OS X Mountain Lion Server.
File servers have shares. In OS X Mountain Lion Server we refer to these as Share Points. By default:

File Sharing has some built-in Share Points that not all environments will require.

Each of these shares is also served by AFP and SMB, something else you might not want (many purely Mac environments might not even need SMB). Or if you have iOS devices, you may only require WebDAV sharing.

Each share has permissions that Apple provides which will work for some but not all.

In short, the default configuration probably isn’t going to work for everyone. Therefore, before we do anything else, let’s edit the shares to make them secure. The first step is to create all of your users and groups (or at least the ones that will get permissions to the shares). This is done in Server app using the Users and Groups entries in the List Pane. Once users and groups are created, open the Server app and then click on the File Sharing service in the SERVICES list in the List Pane. Here, you will see a list of the shares on the server.
In our example configuration we’re going to disable the Groups share. To do so, click on Groups one time and then click on the minus button on the screen.
As mentioned, shares can be shared out using different protocols. Next, we’re going to disable SMB for Public. To do so, double-click on Public and then uncheck the SMB protocol checkbox for the share.
When you’ve disabled SMB, click on the Done button to save the changes to the server. Next, we’re going to create a new share for iPads to be able to put their work, above and beyond the WebDAV instance automatically used by the Wiki service. To create the share, first we’re going to create a directory for the share to live in on the computer, in this case in the /Shared Items/iPads directory. Then from the File Sharing pane in Server app, click on the plus sign (“+”).
At the browse dialog, browse to the location of your iPad directory and then click on the Choose button.
At the File Sharing pane, double-click on the new iPads share.
At the screen for the iPads share, feel free to edit the name of the share (how it appears to users) as it by default uses the name of the directory for the name of the share. Then, it’s time to configure who has access to what on the share. Here, use the plus sign (“+”) in the Access section of the pane to add groups that should be able to have permission to access the share. Also, change the groups in the list that should have access by double-clicking on the name of the group and providing a new group name or clicking on the plus sign to add a user or group.
The permissions available in this screen for users that are added are Read & Write, Read Only/Read and Write. POSIX permissions (the bottom three entries) also have the option for No Access, but ACLs (the top entries comprise an Access Control List) don’t need such an option as if there is no ACE (Access Control Entry) for the object then No Access is assumed.
If more granular permissions are required then click on the name of the server in the Server app (the top item in the List Pane) and click on the Storage tab. Here, browse to the directory and click on Edit Permissions.
As can be seen, there are a number of other options that more granularly allow you to control permissions to files and directories in this view.
Once you have provided all of the appropriate users access to the share, go back to the settings for the share and scroll to the bottom of the screen.
Here, you have the option to set which protocols the share is accessible through (AFP, SMB & WebDAV) as well as make the share accessible to guests (only do this if the share should be publicly accessible) and make the share an option for home folders. Click Done once you’ve configured the share appropriately.
Once a share has been made an option for home folders it appears in both Workgroup Manager and the Server app as an available Home Folder location for users in that directory service.
Once you have created all the appropriate shares, deleted all the shares you no longer need and configured the appropriate permissions for the share, click on the ON button to start the File Sharing service.
The File Sharing service can also be controlled from the command line. Mac OS X Server provides the sharing command. You can create, delete and augment information for share points using sharing.
To create a share point for AFP you can use the following command:
sharing -a -A
So let’s say you have a directory at /Shares/Public and you want to create a share point called PUBLIC. You can use the following command:
sharing -a /Shares/Public -A PUBLIC
Now, the -a here will create the share for AFP but what if you want to create a share for other protocols? Well, -F does FTP and -S does SMB. Once created you can disable the share using the following command:
sharing -r PUBLIC
To then get a listing of shares you can use the following command:
sharing -l
You can use the sharing command to enable FTP for various share points. To do so, enable FTP using the Server app and then use the instructions at this site to manage FTP on shares: http://krypted.com/mac-os-x/ftp-on-lion-server.
You can also use the serveradmin command to manage file shares as well as the sharing service. To see settings for file shares, use the serveradmin command along with the settings option and then define the sharing service:
sudo serveradmin settings sharing
To see settings for the services use the serveradmin command with the settings option followed by the services: afp and smb:
sudo serveradmin settings afp
To see a run-down of some of the options for afp, see this article I did previously. Additionally, for a run-down of smb options, see this one.

Mountain Lion Server is now available on the OS X App Store and as with the last few updates there are some things missing that you might be expecting and depending on. First up, three major services are gone: Podcast Producer, RADIUS and dhcp. You can still do dhcp as you always did with OS X client as those features work on OS X Server, but the more granular controls available in OS X Server are now gone. The biggest impact of dhcp is probably in testing NetBoot services when there are network issues and you need to prove to network admins that it’s the network and not your server…
I had written an article before about FTP still being in OS X Server from the command line, but now it’s back in the GUI, which should make many an administrator happy. NAT is also gone from the GUI, but natd and natutil are still available from the command line. Might as well just use the Sharing System Preference pane for such things though… Server Admin is now gone (long live Server Admin!) and Workgroup Manager is now a download to be performed and installed following installation. Support for Managed Preferences is gone, even though most manifests technically still work.
Many services also got some pretty nice updates. These include:

Calendar – There are a few updates on the client side, but not on the server side. Most notably, the option to publish calendars is now gone. If you used that, it’s time to get used to manually exporting, copying to a share and then distributing links. This is going to likely cause more use of the Calendar server itself, to some degree. Also, it’s not iCal or iCal Server, it’s now Calendar and Calendar server. Seems to me that this isn’t obviously an Apple-centric naming structure as with most other things they do, but sometimes you’re gonna’ have that…

Contacts – Nope, it’s not called Address Book server, it’s the Contacts service. Same with the client side application.

DNS – DNS management is moved into the Server application. You can also now restrict who you do lookups for in the GUI. Under the hood very little changes.

File Sharing – Nothing really changes with file sharing, except the wiki integration described in the Wiki section in a little bit.

FTP – It’s a quick and easy single share solution from the GUI. Using the sharing command there’s still tons available to administrators.

Mail – Authentication mechanisms and domains are in the GUI, but very little changes otherwise.

Messages – The service name has changed from iChat to Messages in the GUI but is still jabber from the command line. The big change with this service is that the client side is now able to leverage iCloud to instant message mobile devices as well. Therefore, the text messaging component is client-side and has no impact on the jabber service itself.

NetInstall – The “NetInstall” service is NetBoot. It can host NetRestore or NetInstall images, but the heavy lifting for that stuff is done in System Image Utility. And the output of the SIU commands are now more scriptable through the automator command line interface. The NetInstall screen is now in Server app and is a good port from Server Admin in that it’s similar in look and feel to the NetBoot screen in Server Admin. A feature that isn’t in the GUI is diskless NetBoot, which is fine because I documented how to do it when I realized it would be an issue for a few customers.

Open Directory – Given that Server Admin is gone, something had to happen with Open Directory. The Open Directory screens have been moved to Server app where it’s fast to setup and tear down Open Directory. Open Directory based Users and Groups are also created through the Server App, although Workgroup Manager can be downloaded and used still. Immediately following upgrades, the add and remove users buttons are gone for previously stand-alone hosts. Also the Manage Network Accounts option is now gone from Server app, replaced with the traditional ON button supplied by Apple for other services.

Profile Manager – This deserves its own post, which is in the queue, but suffice it to say that while you can’t tell when looking in Server app, there are a number of upgrades to Profile Manager.

Software Update – Management of the service is moved from Server Admin to Server app. There are now fewer options in the GUI, but the same in the command line. Cascading is a little different.

Time Machine – Time Machine server is the same… The versions option from the Time Machine Server preference pane is gone and the layout is a little changed, but the server component is identical in functionality as well as look and feel.

VPN – Unless you add another supported VPN protocol there’s not much to do after fixing most issues in 10.7.4. Except fixing the last issue with search bases, seemingly resolved as it’s working for me pretty well.

Websites – There are more options in the GUI for new sites. The default site appears twice (once for 80 and once for 443), but there are more options, such as the Web App functionality that comes with a default Python “Hello World” app. Also the server is still called web from the serveradmin command line, but is now called Websites through the GUI.

Wiki – The wiki has themes again, although they’re just color schemes. And you can create your own custom banners and upload, which brings back two of the most common feature requests from people that hack the look and feel of the wiki in versions previous to Lion. But the most substantial aspect of the Wiki to change to me is the document management options, available to users in WebDAV or through the portal. This allows for a very mobile-friendly file management tool. Blogs and wikis for the most part stay the same and have a very clean upgrade process from Lion. The command line tools also feature some new options for indexing, etc., which many will find helpful.

Xsan – cvadmin, cvlabel, cvversions, etc are now stored in /System/Library/Filesystems/acfs.fs/Contents/bin/ and Xsan has its own entry in the Server app. Despite hearing people question its future, I’ve never seen as many questions flying around about how to do things with Xsan than I do now. Storage sales are up, monkey chatter on the web is up, deployments are being booked and Xsan looks here to stay. The Server app only really shows you a status of things, but the Xsan Admin app is now embedded in the Server app and available through the Server app Tools directory.

Configuring Websites in Server app

The Alerts options are much more robust in Mountain Lion than they were previously. You can now get alerts on a myriad of things, incuding certs, disks, space, storage quotas, virus detection, network changes and software updates.

Configuring Alerts in Mountain Lion Server

The Server commands also moved and in fact the whole file and folder structure mostly fit nicely inside of the Server app. There are certain things that haven’t been dealt with in this regard such as NetBoot’s library, but for the most part Apple is getting Server to the point where it’s very self-contained. The ramification of which is that upgrades for future releases (and from Lion to Mountain Lion for that matter) are much simpler. Simply downloading a new version informs administrators that the app has been replaced and is good to go, service data in tact. In real world, this has been a little hit or miss but should prove to make our lives much easier in the future.
Reducing scope, aligning with better development practices and all the work to merge all of the remaining services into Server app are huge undertakings. I would fully expect no further support or updates to Workgroup Manager, no more testing of managed preferences in deference to profiles and a few other culture shifts that still need to shake themselves out. Most of us are going to seem underwhelmed (if that’s a word, no it’s not ’cause I looked it up -> awesome video below --> ’cause affection has 2 fs, especially when you’re dealin’ with me). But here’s the thing, with an incremental update, you’re not going to get massive changes. Instead we will get slow and steady updates hopefully continuing to build faster towards a better end goal. What’s important is that the foundation is actually better now, given changes to other parts of OS X and so Server is likely now better positioned than ever for great new features in subsequent releases.

Oh, and did I forget to mention that Xgrid is gone. I guess no one really noticed anyway…

Xsan can be used as the back end storage to provide front end network file share services for a Mac OS X environment. This isn’t to say that it will work like a charm without some fine tuning though. One of the most important tools you have in performance tuning any Xsan volume is the block size. As I’ve mentioned in the past, the stripe breadth multiplied by the block size should total out to about 1MB total. The stripe breadth on the storage pools is therefore going to need to be customized any time you change the block sizes for the volume.
If you are using Xsan as a repository for data to be shared over clustered file storage then it is important to maintain a small block size. How small? That answer depends on your data. If it’s large files, then you may be able to stick with the default settings for clustered file storage in the volume setup wizard. However, if it’s small files then consider going even lower.